/*
 * To change this template, choose Tools | Templates
 * and open the template in the editor.
 */
package sgt.supermarket.controller.customer;

import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import sgt.supermarket.entity.Customer;
import sgt.supermarket.hibernatedao.HibernateDAOFactory;
import sgt.supermarket.util.ServletExtensions;

/**
 *
 * @author Administrator
 */
public class CustomerChangePassword extends HttpServlet {

    /** 
     * Processes requests for both HTTP <code>GET</code> and <code>POST</code> methods.
     * @param request servlet request
     * @param response servlet response
     * @throws ServletException if a servlet-specific error occurs
     * @throws IOException if an I/O error occurs
     */
    protected void processRequest(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        Customer customer = (Customer) request.getSession().getAttribute("remoteCustomer");
        if (customer == null) {
            response.sendRedirect("login");
            return;
        }
        if (customer.isSecurityEnabled()) {
            response.sendRedirect("notsecured");
            return;
        }
        if (request.getMethod().equalsIgnoreCase("post")) {
            String oldPassword = request.getParameter("oldPassword");
            String newPassword = request.getParameter("newPassword");
            String confirmedNewPassword = request.getParameter("confirmedNewPassword");
            if (newPassword.length() < 3) {
                request.setAttribute("msg", "New password is too weak. Please specify password of at least 3 characters");
            } else if (confirmedNewPassword.equals(newPassword)) {
                if (oldPassword.equals(customer.getPassword())) {
                    HibernateDAOFactory factory = new HibernateDAOFactory();
                    customer = factory.getCustomerDAO().getById(customer.getAutoId());//reload-customer to avoid un-predictable problem with persistent manager
                    customer.setPassword(newPassword);
                    factory.getCustomerDAO().save(customer);
                    request.setAttribute("msg", "Your password has been changed");
                } else {
                    request.setAttribute("msg", "Incorrect old password");
                }
            } else {
                request.setAttribute("msg", "New password does not match");
            }
        }
        request.setAttribute("title", "Customer Change Password");
        request.getRequestDispatcher("/customer.customerChangePassword.tiles").forward(request, response);
    }
// <editor-fold defaultstate="collapsed" desc="HttpServlet methods. Click on the + sign on the left to edit the code.">

    /**
     * Handles the HTTP <code>GET</code> method.
     * @param request servlet request
     * @param response servlet response
     * @throws ServletException if a servlet-specific error occurs
     * @throws IOException if an I/O error occurs
     */
    @Override
    protected void doGet(HttpServletRequest request, HttpServletResponse response)
            throws ServletException,
            IOException {
        processRequest(request, response);
    }

    /**
     * Handles the HTTP <code>POST</code> method.
     * @param request servlet request
     * @param response servlet response
     * @throws ServletException if a servlet-specific error occurs
     * @throws IOException if an I/O error occurs
     */
    @Override
    protected void doPost(HttpServletRequest request, HttpServletResponse response)
            throws ServletException,
            IOException {
        processRequest(request, response);
    }

    /**
     * Returns a short description of the servlet.
     * @return a String containing servlet description
     */
    @Override
    public String getServletInfo() {
        return "Short description";
    }// </editor-fold>
}
